EMEA Privacy Policy

LAST UPDATED: 19th January 2015

AIG Travel EMEA Limited is a member of the American International Group, Inc. group ("AIG"). We are committed to protecting the privacy of the individuals we encounter in conducting our business. "Personal Information" is information that identifies and relates to you or other individuals (such as your dependants). This Privacy Policy describes how we handle Personal Information that we collect both through:

your employer (by telephone or email);

this website (the "Site");

the software applications made available by us for use on or through

computers and mobile devices (the "Apps");

our social media pages, including those linked at Social@AIG (http://www.aig.com/social-media_3171_442101.html); and

(collectively (including the Site, the Apps and our Social Media Content) referred to below as the "AIG Electronic Services"), and through other means (for example, from your application and other forms, telephone calls, e-mails and other communications with us, as well as from medical professionals, witnesses or other third parties involved in our business dealings with you).

Who To Contact About Your Personal Information

Personal Information That We Collect

How We Use Personal Information

International Transfer of Personal Information

Sharing of Personal Information

Security

Retention of Personal Information

Personal Information of Other Individuals

Marketing Preferences

Access and Correction Requests, Questions and Concerns

Other Information We Collect Through AIG Electronic Services

Third Party Services

Use of AIG Electronic Services by Minors

Changes to This Privacy Policy

We collect and use your personal information in accordance with our Privacy Policy which includes details about our use of cookies.

Depending on your relationship with us Personal Information collected about you and your dependants may include:

General identification and contact information
Your name; address; e-mail and telephone details; gender; marital status; family status; date and place of birth; passwords (including on our systems); educational background; physical attributes; activity records, such as driving records; photos; employment history, skills and experience; professional licenses and affiliations; and date and cause of death, injury or disability.

Identification numbers issued by government bodies or agencies
Social Security or national insurance number; passport number; tax identification number; military identification number; or driver's or other license number.

Other sensitive information
In certain cases, we may receive sensitive information about your trade union membership, religious beliefs, political opinions, family medical history or genetic information. criminal record or civil litigation history. We may also obtain sensitive information if you voluntarily provide it to us (for example, if you express preferences regarding medical treatment based on your religious beliefs).

Information enabling us to provide products and services
Location and identification of persons to who we are asked to provide services(for example, property addresses, vehicle licence plates or identification numbers; travel arrangements including reservation numbers; age categories of individuals you wish us to provide services to; your status as employee, director, partner, family member or ownership or management interest in an organisation.

Marketing preferences and customer feedback
You may let us know your marketing preferences, enter a contest or prize draw or other sales promotion, or respond to a voluntary customer satisfaction survey.

Social media account and information from Apps
We may receive certain Personal Information about you when you use our Apps or Social Media Content, including your social media account ID and profile picture, and other Personal Information that you provide to us. If you elect to connect your social media account provided by another social media service provider to your account(s) on any of the AIG Electronic Services, Personal Information from your social media account will be shared with us, which may include Personal Information that is part of your social media account profile or your friends' profiles.

Send you important information regarding changes to our services, policies, other terms and conditions, the AIG Electronic Services and other administrative information.

Assess your eligibility for payment plans, and process your payments.

Provide improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers).

Prevent, detect and investigate crime, including fraud and money laundering, and analyze and manage other commercial risks.

Carry out market research and analysis, including satisfaction surveys.

Provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with preferences you have expressed.

Personalize your experience on the AIG Electronic Services by presenting information and advertisements tailored to you.

Identify you to anyone to whom you send messages through the AIG Electronic Services.

Facilitate social media sharing functionality.

Manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.

Resolve complaints, and handle requests for data access or correction.

Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence).

Establish and defend legal rights; protect our operations or those of any of our group companies or insurance business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others; and pursue available remedies or limit our damages.

Due to the global nature of our business, for the purposes set out above we may transfer Personal Information to parties located in other countries (including the United States and other countries that have a different data protection regime than is found in the country where you are based). For example, we may transfer Personal Information to provide security and emergency medical assistance services when you are abroad. We may transfer information internationally to our group companies, service providers, business partners and governmental or public authorities.

Our group companies
AIG Travel EMEA Limited is a member company of American International Group, Inc. As such, we have group companies throughout the world, both inside and outside Europe (for example, in the USA). We may share your personal data with certain of our group companies, but only for the purposes set out in this Privacy Policy. AIG Travel EMEA Limited remains responsible for the management and security of jointly used Personal Information. Access to Personal Information within AIG, and our group of companies, is restricted to those individuals who have a need to access the information for our business purposes.

Insurance parties
We may make Personal Information available to third parties such as insurers; reinsurers; insurance and reinsurance brokers and other intermediaries and agents; appointed representatives; distributors; affinity marketing partners; and financial institutions, securities firms and other business partners.

Our service providers
External third-party service providers, such as security professionals, medical professionals, accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; travel and medical assistance providers; call centre service providers; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions that service our accounts; third-party claim administrators; document and records management providers; claim investigators and adjusters; construction consultants; engineers; examiners; jury consultants; translators; and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.

Recipients of your social sharing activity
Your friends associated with your social media account, other website users and your social media account provider, in connection with your social sharing activity, such as if you connect your social media account provided by another social media service provider to your AIG Electronic Services account or log into your AIG Electronic Services account from another social media account. By connecting your AIG Electronic Services account and your other social media account you authorize us to share information with the provider of your other social media account and you understand that the use of the information we share will be governed by the other service provider's social media website's privacy policy. If you do not want your Personal Information shared with other users or with your other social media account provider, please do not connect your other social media account with your AIG Electronic Services account and do not participate in social sharing on the AIG Electronic Services.

Governmental authorities and third parties involved in court action
We may also share Personal Information with governmental or other public authorities (including, but not limited to, workers' compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside your country of residence; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect our rights, privacy, safety or property, and/or that of our group companies, you or others; and (g) to allow us to pursue available remedies or limit our damages.

Other Third Parties
We may share Personal Information with payees; emergency providers (fire, police and medical emergency services); retailers; medical networks, organizations and providers; travel carriers; credit bureaus; credit reporting agencies; and other people involved in an incident that is the subject of a claim; as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock. To check information provided, and to detect and prevent fraudulent claims, Personal Information (including details of injuries) may be put on registers and shared with insurers not within the AIG group. We may search these registers when dealing with claims to detect, prevent and investigate fraud.

Your Employer
We may share basic information with your employer for the purposes of providing services to you in accordance with our arrangement with them.

Personal Information may also be shared by you, on message boards, chat, profile pages and blogs, and other AIG Electronic Services to which you are able to post information and materials (including, without limitation, our Social Media Content). Please note that any information you post or disclose through these services will become public information, and may be available to visitors and users of the AIG Electronic Services and to the general public. We urge you to be very careful when deciding to disclose your Personal Information, or any other information, when using the AIG Electronic Services.

We will take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Information you might have with us has been compromised), please immediately notify us. (See the "Who to Contact About Your Personal Information" section above.)

When we provide Personal Information to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Information.

We take reasonable steps to ensure that the Personal Information we process is reliable for its intended use, and as accurate and complete as is necessary to carry out the purposes described in this Privacy Policy. We will retain Personal Information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

If you provide Personal Information to us regarding other individuals, you agree: (a) to inform the individual about the content of this Privacy Policy; and (b) to obtain any legally-required consent for the collection, use, disclosure, and transfer (including cross-border transfer) of Personal Information about the individual in accordance with this Privacy Policy.

We will provide you with regular opportunities to tell us your marketing preferences, including in our communications to you. To tell us your marketing preferences and to opt-out, you can also contact us by e-mail at: AIGDirect.Flagging@aig.com or by writing to: AIG Travel Ecommerce Team, Unit 21 Cecil Pashley Way, Shoreham Airport, Shoreham-By-Sea, West Sussex BN43 5FF

Receiving e-mail messages and text messages from us: If you no longer want to receive marketing-related e-mails or text messages from us on an ongoing basis, you may opt-out of receiving these marketing-related messages by clicking on the link to "unsubscribe" provided in each message or by contacting us at the above addresses.

Receiving telephone communications and postal mail from us: If you no longer want to receive mobile messages, telephone communications or postal mail from us on an ongoing basis, you may opt-out of receiving these marketing-related communications by contacting us at the above addresses.

Our sharing of your Personal Information with our group companies for their marketing purposes: If you would prefer that we do not share your Personal Information on an ongoing basis with our group companies for their own marketing purposes, you may opt-out of this sharing by contacting us at the above addresses.

Our sharing of your Personal Information with selected third-party partners for their marketing purposes: If you have provided your consent we may share your Personal Information on an ongoing basis with our third-party partners for their own marketing purposes. If you change your mind, you may opt-out of this sharing on an ongoing basis by contacting us at the above addresses.

We aim to comply with your opt-out request(s) within a reasonable time period. Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of third parties with whom we have already shared your Personal Information (i.e., to those to whom we have already provided your Personal Information as of the date on which we respond to your opt-out request). Please also note that if you do opt-out of receiving marketing communications from us, we may still send you other important administrative communications from which you cannot opt-out.

In certain countries, an individual may have the right to access, correct or object to the use of, or request deletion or suppression of Personal Information on certain grounds. Please contact us as set out in the "Who to Contact About Your Personal Information" section above with any such requests or if you have any questions or concerns about how we process Personal Information. Please note that some Personal Information may be exempt from access, correction, objection, deletion or suppression rights in accordance with local privacy and data protection laws.

"Other Information" is any information that does not reveal your specific identity, such as:

Browser and electronic device information;

App usage data;

Information collected through cookies, pixel tags and other technologies;

Demographic information and other information provided by you; and

Aggregated information

Other Information We Collect

We and our third-party service providers may collect Other Information in a variety of ways, including:

Through your internet browser or electronic device: Certain information is collected by most websites or automatically through your electronic device, such as your IP address (i.e., your computer's address on the internet), screen resolution, operating system type (Windows or Mac) and version, internet browser type and version, electronic device manufacturer and model, language, time of the visit, page(s) visited and the name and version of the AIG Electronic Services (such as the App) you are using.. We use this information to ensure that the AIG Electronic Services function properly.

Through your use of the App: When you download and use the App, we and our service providers may track and collect App usage data, such as the date and time the App on your electronic device accesses our servers and what information and files have been downloaded to the App based on your device number.

Using cookies: Cookies are pieces of information stored directly on the computer you are using. Cookies allow us to recognize your computer and to collect information such as internet browser type, time spent using the AIG Electronic Services, pages visited, language preferences and relevant country website. We may use the information for security purposes, to facilitate navigation, to display information more effectively, to personalize your experience while using the AIG Electronic Services, or to gather statistical information about the usage of the AIG Electronic Services. Cookies further allow us to present to you the advertisements or offers that are most likely to appeal to you. We may also use cookies to track your responses to our advertisements and we may use cookies or other files to track your use of other websites.

Below is a description of all the cookies we use on our websites, what they do, what data about you they collect and what we use them for:

Geo Location cookie – When a visitor visits one of our sites for the first time we read their location from their IP address and use this information to assume the country site that they want to visit. This method is not entirely accurate, however, so when they navigate to a particular country site we use a cookie to store this information and to store the language that they chose to view the site. The next time they visit the site we read the cookie and present the same country and language version they used on their last visit. This has the intended benefit that they don't need to reselect the country site they need each time they visit an AIG site. No Personal Information is collected or used by the cookie.

Site Catalyst cookie (by Adobe) – This cookie enables us to collect and analyze data about how visitors arrive at our site and then how they interact with our site, including products they may search, content they may view, and the steps leading up to a completed or abandoned sale. We use this aggregated information to adapt our sites to better serve their and other users' needs and interests, and to provide more relevant and useful information. The cookie is placed on a visitor's PC on a temporary basis only. The cookie does not collect or use their Personal Information. Instead, it logs an anonymous code which identifies users and this code "follows" the user in their journey through the site. We use the aggregated and anonymous information for statistical analysis.

DoubleClick cookies – We place a tracking pixel cookie on to all site visitors' computers for the purpose of our banner advertising activity. We use these cookies to know that a visitor has been on our site before which allows us to display an appropriate banner ad on to an affiliated network website. No Personal Information is collected. One of the advertisement companies that we use is Google, Inc, trading as DoubleClick. For more information on the DoubleClick cookie, or to opt out from the DoubleClick advertisement cookie please visit: http://www.google.com/privacy/ads/.

Affiliate cookie – We use a tracking pixel cookie, which is put on a visitor's PC and collects only the transaction ID (which identifies the affiliated website the visitor has come from) and a time and date stamp. This enables our affiliate network partners to track affiliated sales and ensure an affiliate is credited for a sale referred to us. It does not involve any passing of Personal Information.

Optimost cookie – .Optimost is a service provided by Hewlett-Packard to analyse customer behavior when visiting our site. This service allows us to test variations of our website pages or elements within the pages. The tests will usually result in improvements to the website and the user experience. The cookie has an anonymous "visitor ID" which is a random number generated to identify a visitor, to distinguish between unique and/or repeat visitors. These cookies do not collect Personal Information. To view the Optimost privacy policy, please visit: https://asp.optimost.com/avatar/privacy-policy .

Oracle Cookie – We use the services of www.oracle.com to serve a persistent cookie on visitors' browsers when they first visit our web pages, unless there is already an Oracle cookie on their browser because they have visited a non-AIG site which is also using Oracle's services. However, visitors' browsing activity on our web pages will not be combined with visitors' browsing behaviour on other websites using Oracle's services. We use visitors' browsing activity on our web pages to understand which pages and content our visitors use or do not use so that we can monitor our site content to best meet our visitors' needs. For further information please read the Oracle privacy policy.

SessionCam – We also use the SessionCam web site recording service. SessionCam is a product that has been developed by www.servicetick.com. SessionCam may record mouse clicks, mouse movements, page scrolling and any text keyed into website forms. The information collected does not include bank details or any sensitive information and it is for internal use only. Information collected is used to improve our website usability and is stored and used for aggregated and statistical reporting.

You can refuse to accept the cookies we use by adjusting your browser settings. However, if you do not accept these cookies, you may experience some inconvenience in your use of the Site and some online products.

Using pixel tags, web beacons, clear GIFs or other similar technologies: These may be used in connection with some AIG Electronic Services and HTML-formatted e-mail messages to, among other things, track the actions of users of the AIG Electronic Services and e-mail recipients, measure the success of our marketing campaigns and compile statistics about usage of the AIG Electronic Services and response rates.

Physical Location: Subject to applicable law, we may collect the physical location of your electronic device by, for example, using satellite, mobile/cell phone tower or WiFi signals. We may use your device's physical location to provide you with personalized location-based services and content. Subject to your marketing preferences as indicated to us or applicable law, we may also share your device's physical location, combined with information about what advertisements you viewed and other information we collect, with our marketing partners to enable them to provide you with more personalized content and to study the effectiveness of advertising campaigns. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device's location, but if you choose to deny such uses and/or sharing, we and/or our marketing partners may not be able to provide you with the applicable personalized services and content.

From you: Some information (for example, your location or preferred means of communication) is collected when you voluntarily provide it. Unless combined with Personal Information, this information does not personally identify you.

By aggregating information: We may aggregate and use certain information (for example, we may aggregate information to calculate the percentage of our users who have a particular telephone area code).

Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Information under applicable law, then, in addition to the uses listed in the "Other Information We Collect" section above, we may use and disclose Other Information for all the purposes for which we use and disclose Personal Information.

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the AIG Electronic Services link. The inclusion of a link on the AIG Electronic Services does not imply endorsement of the linked site or service by us or by our group companies.

Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the information security practices) of other organizations, such as Facebook®, Twitter®, Apple®, Google®, Microsoft®, RIM/Blackberry® or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or electronic device manufacturer, including any Personal Information you disclose to other organizations through or in connection with the AIG Electronic Services.

The AIG Electronic Services are not directed to individuals under the age of eighteen (18), and we request that these individuals do not provide Personal Information directly through the AIG Electronic Services.